02.07.2017 PCMag

​Skyhigh Rolls Out Custom Enterprise App Security for Public Clouds

Enterprises are shifting more and more of their business onto cheap, scalable Infrastructure-as-a-Service (IaaS) clouds. To oversee and secure all of the complex array of applications, data, and services migrating to the cloud, IT and security teams are increasingly turning to Cloud Access Security Broker (CASB) platforms. Ahead of this year's RSA security conference, CASB platform provider Skyhigh Networks today announced "Skyhigh for Custom Apps" and "Skyhigh for IaaS," extensions of Skyhigh's CASB technology that let enterprises manage all of the custom apps deployed across public cloud from a single control point.

The Skyhigh Networks CASB platform is a cloud-based platform from which IT can configure access privileges, manage identity, and enforce endpoint security policies and encryption for every Software-as-a-Service (SaaS) app that makes up an enterprise's app stack. At the RSA security conference this year, Skyhigh Networks CEO Rajiv Gupta said the company will demonstrate a major extension of its CASB platform to cover every app an enterprise has running on public cloud infrastructure, as well as to provide audit trails and security recommendations for Amazon Web Services (AWS), Google Cloud Platform (GCP), and Microsoft Azure.

"From a company perspective, this is as big of a launch for us as when we defined the CASB market in the first place," said Gupta. "We're taking this control point we created that can handle thousands of SaaS services and now enabling enterprises to use it to set DLP [data loss prevention] policies, insider threat policies, privileged access, and more—consistently across your hundreds of thousands of custom apps written and deployed around the world."

Gupta described the CASB platform extension as a self-service experience that allows IT and security teams to onboard their own services running on AWS, Azure, GCP, or other public clouds. Skyhigh works the same way with SaaS services: integrating directly with the application programming interface (API) so that the added security, compliance, and data governance measures don't add more friction for the user.

Skyhigh for Custom Apps gives IT a real-time dashboard of user activity across deployed apps. The dashboard also lets administrators configure custom compliance and data access control policies across apps and user permission levels, along with managing data access to Bring-Your-Own-Device (BYOD) devices and ensuring end-to-end data encryption. The features in Skyhigh for IaaS add audit trail and compliance recommendations for the specific cloud infrastructure on which enterprise apps are running and identifies inactive accounts.

"The way we give the enterprise visibility is through analytics," said Gupta. "We gather the logs off your existing firewalls and proxies, look at that data, and give the CIO or infosec team a useful cross-section of what's happening, what security risks exist, etc."

Inside Skyhigh's CASB Platform

Gupta explained how Skyhigh's CASB platform works on two levels: it gives enterprises a single access point from which to oversee all of the SaaS services they're adopting as well as the IaaS apps they're hosting on cloud platforms. At the same time, it's designed to shine a light on shadow ITpractices within an organization. According to Gupta, a CASB platform gives IT greater visibility into all of the cloud-based apps and services connected to the corporate network, and then collects data and real-time analytics to help IT enforce security and compliance policies, without adding friction for users.

"We want to enable the organization to use all the appropriate SaaS services, be it Salesforce or Box, or the biggest runaway train by a country mile lately has been Office 365," said Gupta. "We're also starting to see Slack adoption really rev up."